Attivo’s EDN now improves file protection against human-operated ransomware by concealing and denying access to production mapped shares, cloud storage, and selected files or folders.
This limits the malware to the decoy environment, reducing the risk of a successful data compromise.
Traditional endpoint protection or endpoint detection and response products work by signature matching or behavioural anomaly detection, which are open to evasion by human attackers.
According to Attivo, such human-operated “Ransomware 2.0” attacks start with APT-style tactics designed to bypass traditional security controls and gain an initial foothold. From there, the attacker conducts network discovery, probes Active Directory, moves laterally, and identify high-value assets to target by encrypting critical data or taking control of other assets.
Read the full article in IT Wire.